Announcement Announcement Module
Collapse
No announcement yet.
WSS1408: UsernameToken Authentication Failed, after upgrading to SOAP 1.2 from 1.1 Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • WSS1408: UsernameToken Authentication Failed, after upgrading to SOAP 1.2 from 1.1

    Hi,

    Kindly help.

    I use SOAP 1.2 while creating the WSDLs dynamically from the following entry in spring-ws-servlet.xml

    Code:
    <bean id="utilityService" class="org.springframework.ws.wsdl.wsdl11.DynamicWsdl11Definition">
    		<property name="builder">
    			<bean class="org.springframework.ws.wsdl.wsdl11.builder.XsdBasedSoap12Wsdl4jDefinitionBuilder">
    				<property name="schema" value="/UtilityService.xsd"></property>
    				<property name="portTypeName" value="utilityService" ></property>
    				<property name="locationUri" value="http://localhost:8085/ UtilityService"></property>
    				<property name="targetNamespace" value="http://www.abc.com/utilityservice/2008/"></property>
    			</bean>
    		</property>
    	</bean>

    After creating the WSDLs, I import them into SOAP UI and then created a new request and send the same to server to get a response. However, I always get the following error. Am I missing something here. I just converted my web services from using SOAP 1.1 to SOAP 1.2 and I changed that by using XsdBasedSoap12Wsdl4jDefinitionBuilder instead of XsdBasedSoap11Wsdl4jDefinitionBuilder in the above entry. It was working fine earlier, but after changing it to use SOAP 1.2 it always gives me this error. Please help.

    com.sun.xml.wss.impl.filter.AuthenticationTokenFil ter getUserNameTokenFromMessage
    SEVERE: WSS1408: UsernameToken Authentication Failed
    2011-10-11 12:46:11,007 [btpool0-9] DEBUG org.springframework.ws.server.MessageTracing.recei ved - Received request [SaajSoapMessage {http://www.abc.com/utilityservice/2008/}getStatusRequest]
    2011-10-11 12:46:11,007 [btpool0-9] WARN org.springframework.ws.soap.security.xwss.XwsSecur ityInterceptor - Could not validate request: com.sun.xml.wss.impl.WssSoapFaultException: Authentication of Username Password Token Failed; nested exception is com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Authentication of Username Password Token Failed
    2011-10-11 12:46:11,007 [btpool0-9] DEBUG org.springframework.ws.server.MessageTracing.sent - Sent response [SaajSoapMessage {http://www.w3.org/2003/05/soap-envelope}Fault] for request [SaajSoapMessage {http://www.abc.com/utilityservice/2008/}getStatusRequest]




    My SOAP Request is as follows :
    Code:
    <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ns="http://www.atiam.com/utilityservice/2008/">
      <soap:Header>
          <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
             <wsse:UsernameToken wsu:Id="UsernameToken-21466045" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                <wsse:Username>username</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
            </wsse:UsernameToken>
          </wsse:Security>
       </soap:Header>
       <soap:Body>
          <ns:getInsproStatusRequest/>
       </soap:Body>
    </soap:Envelope>
    The other required information is mentioned below:

    Endpoints are POJOs using the @Endpoint annotation
    They all are defined in the spring-endpoint.xml as beans

    Spring-ws-servlet.xml
    Code:
    <bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
    		<property name="policyConfiguration" value="classpath:securityPolicy.xml"/>
    		<property name="secureRequest" value="true"/>
    		<property name="secureResponse" value="false"/>
    		
    		<property name="callbackHandlers">
    			<list>
    				<ref bean="passwordValidationHandler"/>
    			</list>
    		</property>
    		
    	</bean>
    	
    	<bean id="passwordValidationHandler"
    		class="org.springframework.ws.soap.security.xwss.callback.SimplePasswordValidationCallbackHandler">
    		<property name="users">
    			<props>
    				<prop key="${WebservicesUsername}">${WebservicesPassword}</prop>
    			</props>
    		</property>
    		
    	</bean>	
    	
    	<bean class="org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping">
    		<property name="interceptors"> 	
    		<list>	
    			<ref bean="wsSecurityInterceptor"/>
    			<ref bean="attachmentInterceptor"/>
    			<ref bean="payloadValidatingInterceptor"/>
    		</list>
    		</property>	
    	</bean>



    securityPolicy.xml
    Code:
    <xwss:SecurityConfiguration dumpMessages="false" xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
        <xwss:RequireUsernameToken passwordDigestRequired="false" nonceRequired="false"/>
    </xwss:SecurityConfiguration>
Working...
X